[11810] in North American Network Operators' Group
Re: Loadsa ICMP...
daemon@ATHENA.MIT.EDU (Jon Green)
Wed Aug 13 16:23:35 1997
To: Edward Henigin <ed@texas.net>
cc: nanog@merit.edu
In-reply-to: Your message of "Wed, 13 Aug 1997 14:40:05 CDT."
<19970813144005.01392@texas.net>
Date: Wed, 13 Aug 1997 15:12:51 -0500
From: Jon Green <jcgreen@netins.net>
On Wed, 13 Aug 1997 14:40:05 -0500, ed@texas.net writes:
>
> realize here that doubling (or tripling, or quadrupling) the
>CPU power of the cisco will not help. Upgrading from an rsp2 to an
>rsp4 would buy you about 3 times 3.5Kpps, say around 10Kpps, process
>switched. That's still hardly enough to save you when you're being
>smurfed.
That's my point. The answer is to get rid of the concept of an
RSP completely. A box with a central CPU is never going to scale as well
as a distributed processor design no matter how many MHz you throw at it.
There ARE vendors that have such designs (and have had such designs for about
the past 5 years or so..)
While admittedly I (strongly) dislike Cisco, it is in the best interest of the
entire Internet to see them build a better box. With 80% of the routers
in the Internet being Cisco, these types of DoS attacks make me a bit
nervous about our future when the infrastructure is built on what
is IMHO a non-scalable architecture.
-Jon
-----------------------------------------------------------------
* Jon Green * "Life's a dance *
* jcgreen@netINS.net * you learn as you go" *
* Finger for Geek Code/PGP * *
* #include "std_disclaimer.h" * http://www.netins.net/showcase/jcgreen *
-------------------------------------------------------------------------
